Financial authorities and the Financial Security Institute are inspecting Lotte Card's servers, which recently suffered a data leak, to see if there are any additional traces of intrusions by hackers that have not yet been identified. The aim is to assess the possibility that information could be leaked further. With the likelihood that disciplinary measures could become harsher if additional intrusions are confirmed, Lotte Card is closely monitoring the situation.
According to the financial industry on the 19th, financial authorities and the Financial Security Institute are checking whether the hacker accessed servers other than the payment-dedicated server. If the scope of the attack spread to other servers, it could lead to work disruptions such as errors in the employee-only network. An official at the Financial Security Institute said, "We are providing technical support to Lotte Card to check whether there are access logs for servers other than the payment-dedicated server."
On the 14th of last month, about 200GB (gigabytes) of internal files were leaked due to malware planted in the payment server by a hacking attack on Lotte Card. Sensitive information, including resident registration numbers and the CVC (three-digit number on the back of the card) on the back of the card, was also included. The hacker's attempts to exfiltrate files continued for three days until the 16th, and Lotte Card belatedly discovered this on the 26th during a server synchronization process. Immediately after confirming the leak, Lotte Card removed two types of malware and five types of web shells through a comprehensive inspection. A web shell is a hacking program that allows an attacker to remotely issue commands to a web server to view internal data.
If additional intrusions are confirmed, Lotte Card will face greater pressure. Financial authorities have already signaled the toughest sanctions, and in the worst case, the company could be suspended from business for up to six months. In fact, during the large-scale personal information leak in 2014, financial authorities imposed three-month business suspensions on Lotte Card, KB Card, and NongHyup Card, respectively.
With President Lee Jae-myung ordering penalty surcharges on corporations that repeatedly cause security incidents, there is also the possibility that Lotte Card will face heavy discipline along with a large penalty surcharge. In the first half of this year, Lotte Card's net profit fell 33.8% year over year to 41.6 billion won, which could add to the burden amid deteriorating profitability.
A Lotte Card official said, "We took immediate action last month, but we cannot completely rule out the possibility of additional intrusions," and added, "We are watching for the results of the authorities' investigation."